In recent years, great emphasis has been provided and applied in regard to ensuring the security of communications in networks of clients and servers. Cryptographic systems have been developed for maintaining privacy of information that is transmitted across various communication channels. One type of cryptographic system often used is designated as a “symmetric crypto-system”. These symmetric crypto-systems generally utilize electronic keys and can be somewhat compared to physical security systems. An example of this would be the network where a message holding box has a single locking mechanism which has a single keyhole. Then one key holder can use his key to open the box and place a message in the box and then relock the box. Subsequently then, a second holder (who has an identical copy of the key) then unlocks the box and retrieves the message. Here the term “symmetric” indicates the situation where both Users have “identical keys”.
In computer systems which are designated as a “symmetric crypto-system”, the system requires that there be (i) an encryption function E; (ii) a decryption function D; and (iii) a shared secret key, K. In this situation, the “K” key is a unique string of data bits which apply to the encryption and decryption functions.
One particular example of the encipherment/decipherment function is the National Bureau of Standards Data Encryption Standard designated as DES. Another example is the Fast Encipherment Algorithm (FEAL). In this situation, in order to transmit a message (M) with privacy, the sender must compute a ciphertext designated “C” on the basis where C equals E (M,K). In this situation, the recipient terminal, upon receipt of the ciphertext C, then computes the message M equal to D (C,K), enabling the recipient terminal to recover the message “M”.
Again here, K is the shared secret-key which functions such that a unauthorized terminal who copies the ciphertext C, but who does not know the shared secret key K, will find himself unable to recover the message M. Here, the security is based on maintaining the secrecy of the key K.
In addition to the above-mentioned “symmetric crypto-systems” there are also systems designated as “Asymmetric Crypto-Systems” often designated as Public Key Crypto-Systems which provide other ways of encrypting information. They differ from symmetric systems, for example, in the physical sense, such that the message box has one lock, but also has two non-identical keys associated with it. Here, either key can be used to unlock the box to retrieve the message which was locked in the box by the other key. This type of system could be made to operate such that keys must be used in a “particular sequence”, such that the box can be locked with one key and only then unlocked with the other key. This asymmetric type crypto-system is often designated as a “RSA” system which refers to the names of authors Rivest, Shamir, Adleman (RSA) in a paper described in pages 120–126 of Vol. 21 of CACM (Communications of the Association for Computing machinery), published in February 1978.
In systems designated as Public Key Electronic Crypto-Systems, each operating entity or terminal has a private key “d”, which is only known to that particular entity or terminal. There is also a public key, “eN” which is publicly known. Here, once a message is encrypted with a User's public key, it can only be decrypted using that particular User's “private key”, d. Conversely, if the message is encrypted with the User's “private key”. It can only be decrypted using that User's “public key”.
A Kerberos Security System is being used as a developing standard for authenticating network Users and is often used primarily in the UNIX community where it is useful because it functions in a multi-vendor network and does not transmit passwords over the network.
Kerberos operates to authenticate Users, that is to say, it determines if a user is a valid User. It does not provide other security services such as audit trails. Kerberos authentication is based on “passwords” and does not involve physical location or smart cards.
To implement Kerberos in the system, each computer in a network must run Kerberos software. Kerberos works by granting a “ticket” which ticket is honored by all the network computers that are running Kerberos protocol. The tickets are encrypted, so passwords never go over the network in “clear text” and the Users do not need to enter their password when accessing a different computer.
Since there is of ten a need to run Kerberos on every single computer in a network, this sometimes presents a problem for potential Users. Considerable effort and time may be involved in porting Kerberos to each different hardware platform in the network. Kerberos Users tended to be large networks which were furnished with extended expertise. Since such resources are not generally available to smaller networks, it is sometimes a problem to make it available to such smaller networks which cannot justify the cost and expense.
The primary benefit of Kerberos is that it prevents a password from being transmitted over the network.
Kerberos networks are involved with the type of systems designated as “symmetric crypto-systems” discussed above. One type of symmetric crypto system is called the “Kerberos Authentication System”. This type of system was discussed and published on the Internet by J. T. Kohl and D. C. Neuman in an article entitled “The Kerberos Network Authentication Service” which was published Sep. 19, 1993 on the Internet RFC 1510. Kerberos uses symmetric key crypto-systems as a primitive and often uses the Data Encryption Standard (DES) as a inter-operability standard. Kerberos systems have been adopted as the basis for security service by the Open Software Foundations (OSF), Distributed Computing Environment (DCE). Kerberos was designed to provide authentication and key-exchange, but was not particularly designed to provide digital signatures.
Thus, networks require systems and methods for securing communications which provide a way for one User to authenticate itself to another User and additionally, these often require systems for securing communications which facilitate digital signatures being placed on a message to provide for non-repudiation.
Kerberized environments involve the transmittal of messages, for example, from a server to a client which leads to several major problems in these networks. One problem involves the inordinate period of time that a client or a server is required to wait after requesting a response to a Kerberos command. As a result of waiting for a response, this causes the controlling software program or process, to wait so that any other clients or servers in the network requesting a service would also have to wait.
Another type of problem involved in Kerberos networks is that there is no existing method of returning unsolicited messages, generated synchronously or asynchronously from a Kerberos Server to a client or other server.
The presently described system involves client authentication and validation communications which are passed or funneled through several software processes, such as system libraries. The problem often arises that if the authentication mechanism is only able to process a single request for authentication to completion, then there would generally exist a waiting time or bottleneck while the processing requests are validated. Thus, by using an asynchronous message mechanism with various subtasks, these subtasks in various states can continue to be processed without waiting for a single request to be completely finished. This facilitates the processing of multiple requests from multiple clients who are requesting Kerberos authentication.
Thus, the software method and system of the described mechanism indicates how the mechanism can authenticate a client or principal who is participating in a Kerberos domain using an asynchronous message process. The validation of the client's ability to participate is performed by a Kerberos server. The communications between the client and the server are performed by passing special types of messages using specialized protocols and the communications are facilitated by a message handling and processing model which employs the asynchronous capability.
Thus, the present system and method provides a new arrangement where clients can be authenticated by a software process residing in a client server unit wherein there previously was no method for client authentication in a Kerberos domain via an asynchronous message process.